Documentation ¶
Index ¶
- type Config
- type User
- type UserMFA
- type UserSubscription
- type VPNConnection
- type VpnSession
- type WebAuthNUser
- func (u *WebAuthNUser) AddCredential(cred webauthn.Credential)
- func (u WebAuthNUser) CredentialExcludeList() []protocol.CredentialDescriptor
- func (u WebAuthNUser) WebAuthnCredentials() []webauthn.Credential
- func (u WebAuthNUser) WebAuthnDisplayName() string
- func (u WebAuthNUser) WebAuthnID() []byte
- func (u WebAuthNUser) WebAuthnIcon() string
- func (u WebAuthNUser) WebAuthnName() string
Types ¶
type Config ¶
// Config is the in-memory application configuration; it is not persisted to
// the database. The trailing comment on each field appears to be the name of
// the setting that populates it (presumably an environment variable — confirm
// against the config loader).
//
// NOTE(review): judging by their names, DbDSN, OAuth2ClientSecret, SigningKey,
// EncryptionKey, VapidPrivateKey and VPNCheckPassword carry secrets as plain
// strings. Avoid printing the whole struct (for example with %+v), especially
// on code paths enabled by Debug, and redact these fields in any config dump.
//
// NOTE(review): OriginalIPHeader and OriginalProtoHeader presumably name
// request headers set by a reverse proxy. Such headers are only trustworthy
// when the proxy overwrites client-supplied values and the application is not
// reachable directly — confirm the deployment guarantees this.
type Config struct {
	AdminEmail             string        // ADMINEMAIL
	ConnectionsRetention   int           // CONNECTIONSRETENTION
	Debug                  bool          // DEBUG
	Port                   int           // PORT
	Host                   string        // HOST
	DbType                 string        // DBTYPE
	DbDSN                  string        // DBDSN
	ExcludedIdentities     []string      // EXCLUDEDIDENTITIES
	RedirectDomain         *url.URL      // REDIRECTDOMAIN
	OAuth2ClientID         string        // OAUTH2LIENTID (sic; presumably OAUTH2CLIENTID — confirm against the loader)
	OAuth2ClientSecret     string        // OAUTH2CLIENTSECRET
	OAuth2Provider         string        // OAUTH2PROVIDER
	OAuth2Tenant           string        // OAUTH2TENANT
	EnableNotifications    bool          // ENABLENOTIFICATIONS
	EnforceMFA             bool          // ENFORCEMFA
	MaxBodySize            int64         // not documented
	MFAOTP                 bool          // MFAOTP
	Issuer                 string        // ISSUER
	MFATouchID             bool          // MFATOUCHID
	MFAWebauthn            bool          // MFAWEBAUTHN
	LogoURL                *url.URL      // LOGOURL
	SigningKey             string        // SIGNINGKEY
	EncryptionKey          string        // ENCRYPTIONKEY
	OriginalIPHeader       string        // ORIGINALIPHEADER
	OriginalProtoHeader    string        // ORIGINALPROTOHEADER
	SSLMode                string        // SSLMODE
	SSLAutoCertsDir        string        // SSLAUTOCERTSDIR
	SSLCustomCertPath      string        // SSLCUSTOMCERTPATH
	SSLCustomKeyPath       string        // SSLCUSTOMKEYPATH
	VapidPublicKey         string        // VAPIDPUBLICKEY
	VapidPrivateKey        string        // VAPIDPRIVATEKEY
	VPNCheckPassword       string        // VPNCHECKPASSWORD
	VPNSessionValidity     time.Duration // VPNSESSIONVALIDITY
	WebSessionValidity     time.Duration // WEBSESSIONVALIDITY
	WebSessionProofTimeout time.Duration // WEBSESSIONPROOFTIMEOUT
}
Config holds all the application config values. It is not a classical model, since it is not saved to the database.
type User ¶
// User is an account that has successfully authenticated through OAuth2,
// identified by a UUID primary key and a unique e-mail address.
//
// NOTE(review): the struct embeds gorm.Model and also declares ID, CreatedAt
// and UpdatedAt itself; the explicit fields shadow the embedded ones in Go.
// gorm.Model also contributes DeletedAt, which normally turns Delete into a
// soft delete. The OnDelete:CASCADE constraints declared on the related models
// only fire on a real SQL DELETE, so a soft-deleted user would keep its MFA
// rows, push subscriptions and VPN session — confirm how accounts are removed
// (for example with Unscoped).
type User struct {
	gorm.Model
	ID        uuid.UUID `gorm:"type:uuid;primaryKey"`
	Email     string    `gorm:"unique"`
	CreatedAt time.Time
	UpdatedAt time.Time
	MFAs      []UserMFA // second-factor providers registered by this user
}
User is a successfully authenticated OAuth2 account
func (*User) BeforeCreate ¶
BeforeCreate ensures the model has an ID before saving it
type UserMFA ¶
// UserMFA is one second-factor provider registered for a user. Rows are tied
// to their User with cascading update and delete.
//
// NOTE(review): per its field comment, Data can hold an OTP secret. Whether it
// is encrypted before being stored cannot be told from this declaration;
// Config.EncryptionKey suggests it may be — confirm, since a plaintext OTP
// secret in the database lets anyone with read access generate valid codes.
type UserMFA struct {
	ID        uuid.UUID `gorm:"type:uuid;primaryKey"`
	UserID    uuid.UUID
	Type      string
	Data      string // Provider-specific data (OTP secret, ...)
	Validated bool
	CreatedAt time.Time
	ExpiresAt time.Time // Expiration date when validation is pending
	UserAgent string
	User      User `gorm:"constraint:OnUpdate:CASCADE,OnDelete:CASCADE;"`
}
UserMFA represents a "second factor" authentication provider for a given user
func (*UserMFA) BeforeCreate ¶
BeforeCreate ensures the model has an ID before saving it
type UserSubscription ¶
// UserSubscription is an authenticated user's subscription to web push
// notifications. Hash is the primary key; rows are tied to their User with
// cascading update and delete.
type UserSubscription struct {
	UserID     uuid.UUID `gorm:"type:uuid"`
	Hash       string    `gorm:"primaryKey"` // presumably a digest of Data — verify against the code that creates rows
	Data       string    // presumably the serialized push subscription (endpoint and keys) — TODO confirm
	CreatedAt  time.Time
	LastUsedAt time.Time
	User       User `gorm:"constraint:OnUpdate:CASCADE,OnDelete:CASCADE;"`
}
UserSubscription is an authenticated User subscription to web push notifications
type VPNConnection ¶
// VPNConnection records one connection attempt to the VPN, together with the
// decision taken (Allowed). UserID and VPNSessionID are pointers and their
// constraints use OnDelete:SET NULL, so a log row is kept, with the reference
// cleared, when the related user or session is deleted.
//
// NOTE(review): GORM separates tag settings with ';'. The UserID tag
// `type:uuid,index` uses a comma, so the index is probably not created as
// intended — verify against the generated schema.
//
// NOTE(review): how long rows are kept is presumably governed by
// Config.ConnectionsRetention — confirm; these rows hold client IP addresses.
type VPNConnection struct {
	ID           uuid.UUID  `gorm:"type:uuid;primaryKey"`
	Identity     string
	UserID       *uuid.UUID `gorm:"type:uuid,index"`
	SourceIP     string     // VPN client/user IP
	VPNSourceIP  string     // Source IP of the request to `/vpn/check` (VPN server normally)
	Allowed      bool
	VPNSessionID *uuid.UUID `gorm:"type:uuid"`
	CreatedAt    time.Time  `gorm:"index"`
	User         User       `gorm:"primaryKey;foreignKey:UserID;constraint:OnUpdate:CASCADE,OnDelete:SET NULL;references:id"`
	VpnSession   VpnSession `gorm:"primaryKey;foreignKey:VPNSessionID;constraint:OnUpdate:CASCADE,OnDelete:SET NULL;references:id"`
}
VPNConnection represents a connection attempt to the VPN
func (*VPNConnection) BeforeCreate ¶
func (vpnConn *VPNConnection) BeforeCreate(scope *gorm.DB) error
BeforeCreate ensures the model has an ID before saving it
type VpnSession ¶
// VpnSession is the VPN session created after a successful login. It is keyed
// by the user's e-mail address and carries a separate unique ID; the row is
// tied to its User with cascading update and delete.
//
// NOTE(review): the struct has no expiry field; validity is presumably derived
// from CreatedAt and Config.VPNSessionValidity — confirm that the check is
// enforced wherever a session is looked up.
type VpnSession struct {
	// Using `Email` as primary key again ensures a user only has 1 valid "session"
	ID        uuid.UUID `gorm:"unique"`
	Email     string    `gorm:"primaryKey"`
	SourceIP  string
	CreatedAt time.Time
	User      User `gorm:"primaryKey;foreignKey:Email;constraint:OnUpdate:CASCADE,OnDelete:CASCADE;references:email"`
}
VpnSession represents a successful Google + OTP login
func (*VpnSession) BeforeCreate ¶
func (vpnSession *VpnSession) BeforeCreate(scope *gorm.DB) error
BeforeCreate ensures the model has an ID before saving it
type WebAuthNUser ¶
// WebAuthNUser is the user model handed to the webauthn package. Its fields
// are unexported: build a value with NewWebAuthNUser, attach credentials with
// AddCredential, and read it back through the WebAuthn* accessor methods.
type WebAuthNUser struct {
// contains filtered or unexported fields
}
WebAuthNUser represents the user model for the webauthn package
func NewWebAuthNUser ¶
func NewWebAuthNUser(id uuid.UUID, name string, displayName string) *WebAuthNUser
NewWebAuthNUser creates and returns a new WebAuthNUser
func (*WebAuthNUser) AddCredential ¶
func (u *WebAuthNUser) AddCredential(cred webauthn.Credential)
AddCredential associates the credential to the user
func (WebAuthNUser) CredentialExcludeList ¶
func (u WebAuthNUser) CredentialExcludeList() []protocol.CredentialDescriptor
CredentialExcludeList returns a CredentialDescriptor array filled with all the user's credentials
func (WebAuthNUser) WebAuthnCredentials ¶
func (u WebAuthNUser) WebAuthnCredentials() []webauthn.Credential
WebAuthnCredentials returns credentials owned by the user
func (WebAuthNUser) WebAuthnDisplayName ¶
func (u WebAuthNUser) WebAuthnDisplayName() string
WebAuthnDisplayName returns the user's display name
func (WebAuthNUser) WebAuthnID ¶
func (u WebAuthNUser) WebAuthnID() []byte
WebAuthnID returns the user's ID
func (WebAuthNUser) WebAuthnIcon ¶
func (u WebAuthNUser) WebAuthnIcon() string
WebAuthnIcon is not (yet) implemented
func (WebAuthNUser) WebAuthnName ¶
func (u WebAuthNUser) WebAuthnName() string
WebAuthnName returns the user's username